CVE-2024-36534 Information

Description

Insecure permissions in hwameistor v0.14.3 allows attackers to access sensitive data and escalate privileges by obtaining the service account’s token.

Reference

https://gist.github.com/HouqiyuA/0de688e6b874e480ddc1154350368450